Uno strumento gratuito per "infilarsi" in una sessione. Sembra incredibile, ma le cose funzionano veramente così...
HTTP session hijacking (sometimes called "sidejacking") is when an attacker gets a hold of a user's cookie, allowing them to do anything the user can do on a particular website. On an open wireless network, cookies are basically shouted through the air, making these attacks extremely easy. http://codebutler.com/firesheep
(segnalazione di Maurizio Pozzobon)
Vedi anche questo post.
Update (Novembre 2010)
Altri link molto interessanti sul tema:
HTTP session hijacking (sometimes called "sidejacking") is when an attacker gets a hold of a user's cookie, allowing them to do anything the user can do on a particular website. On an open wireless network, cookies are basically shouted through the air, making these attacks extremely easy. http://codebutler.com/firesheep
(segnalazione di Maurizio Pozzobon)
Vedi anche questo post.
Update (Novembre 2010)
Altri link molto interessanti sul tema:
Commenti
https://www.eff.org/https-everywhere
Spiegazione:
http://virusremovaltool.info/category/https-everywhere/